Access Control Mechanisms

An access control mechanism controls which clients or applications
have access to the OpenWindows server. Only properly authorized clients can
connect to the server. All unauthorized X clients terminate with the following
error message:

Xlib:
connection to hostname refused by server Xlib:
Client is not authorized to connect to
server

The two types of access control mechanisms are: user-based and host-based. Unless the -noauth option is used with openwin, both the user-based
access control mechanism and the host-based access control mechanism are
active. See Manipulating Access to the Server
for more information.

User-Based

A user-based, or authorization-based
mechanism allows you to give access explicitly to a particular user on any
host. The user's client passes authorization data to the server. If the data
matches the server's authorization data, the user obtains access.

Host-Based

A host-based mechanism is a general purpose mechanism. It allows you
to give access to a particular host, such that all users on that host can
connect to the server. This is a weak form of access control; if a host has
access to the server, all users on that host can connect to the server.

The Solaris environment provides the host-based mechanism for backward
compatibility. Applications linked with a version of Xlib
older than OpenWindows Version 2 or X11R4 do not recognize the new user-based
access control mechanism. To enable these applications to connect to the
server, a user must either switch to the host-based mechanism, or relink
with the newer version of Xlib.

Note –

If possible, clients linked with an older version of Xlib should
be relinked with a newer version of Xlib. This enables them to connect to
the server with the new user-based access control mechanism.